REMARKS 

Claims 1-72 were previously pending in this patent application. Claims 
1-72 stand rejected. Accordingly, after this Amendment and Response, Claims 
1-72 remain pending in this patent application. Further examination and 
reconsideration in view of the claims, remarks, and arguments set forth below 
is respectfully requested. 



35 U.S.C. Section 112. First Paragraph. Rejections 

Claims 1-33 stand rejected under 35 U.S.C. Section 112, First 
Paragraph, as failing to comply with the enablement requirement. Specifically, 
the Rejection states that performance of a primary authentication protocol is not 
enabled by the specification. Applicants respectfully disagree. "The test of 
enablement is whether one reasonably skilled in the art could make or use the 
invention from the disclosures in the patent coupled with information known in 
the art without undue experimentation." United States v. Telectronics, /nc, 857 
F.2d 778, 785, 8 USPQ2d 1217, 1223 (Fed. Cir. 1988). Furthermore, a patent 
need not teach, and preferably omits, what is well known in the art. In re 
Buchner, 929 F.2d 660, 661, 18 USPQ2d 1331, 1332 (Fed. Cir. 1991). In this 
case, primary authentication protocols are well known to those skilled in the art. 
For the purposes of illustration, the specification provides an example of one 
type of primary authentication protocol suitable for one embodiment [page 14, 
lines 10-15]. Moreover, the specification specifically contemplates that "any 
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other authentication protocol can be implemented as the primary authentication 
protocol" [page 14, lines 19-21]. These other authentication protocols are well 
known to those skilled in the art. In light of the foregoing, withdrawal of the 
rejection of Claims 1-33 is respectfully requested. 



35 U.S.C. Section 102(e) Rejections 

Claims 1, 12, and 23 stand rejected under 35 U.S.C. 102(e) as being 
anticipated by Shambroom, U.S. Patent No. 6,198,824 (hereafter Shambroom). 
These rejections are respectfully traversed. 



Independent Claim 1 recites: 

A method of re-authenticating and protecting communication security 
comprising the steps of: 

a) performing a secondary authentication protocol between a client 
electronic system (client) and a network access point electronic system (AP) 
using a key lease generated by performance of a primary authentication 
protocol, wherein said key lease includes a key lease period for indicating a 
length of time in which said key lease is valid for using said secondary 
authentication protocol instead of said primary authentication protocol; and 

b) if said secondary authentication protocol is successful, 
generating a session encryption key for encrypting communication traffic 
between said client and said AP. (emphasis added) 



Independent Claims 12 and 23 recite similar limitations. It is respectfully 
asserted that Shambroom does not disclose the present invention as recited in 
Independent Claim 1. 
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Shambroom and the claimed invention are very different. Applicants 
understand Shambroom to teach a system for providing secure remote 
command execution. In particular, Applicants respectfully assert that 
Shambroom does not teach, describe, or suggest "performing a secondary 
authentication protocol between a client electronic system (client) and a 
network access point electronic system (AP) using a key lease generated by 
performance of a primary authentication protocol, wherein said key lease 
includes a key lease period for indicating a length of time in which said key 
lease is valid for using said secondary authentication protocol instead of said 
primary authentication protocol" (emphasis added), as recited in Claim 1. 

Applicants respectfully assert that Shambroom does not disclose a 
primary authentication protocol and a secondary authentication protocol. The 
passage from Shambroom that Examiner cites as disclosing the use of both a 
primary and a secondary authentication protocol [Shambroom, col. 9, lines 11- 
32] actually only discloses a single authentication protocol. Specifically, the 
protocol disclosed is Kerberos Version 5 [Shamrboom, col. 8, lines 11-15]. 

In contrast, embodiments of the claimed invention as recited in Claims 
1, 12, and 23 are directed towards re-authentication which involves "performing 
a secondary authentication protocol between a client electronic system (client) 
and a network access point electronic system (AP) using a key lease 
generated by performance of a primary authentication protocol, wherein said 
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key lease includes a key lease period for indicating a length of time in which 
said key lease is valid for using said secondary authentication protocol instead 
of said primary authentication protocol" (emphasis added). Thus, the re- 
authentication uses two distinct authentication protocols: a primary 
authentication protocol and a secondary authentication protocol. 

Therefore, Applicants respectfully assert that nowhere does Shambroom 
teach, disclose, or suggest the claimed embodiments of the present invention 
as recited in Claims 1,12, and 23, that these claims overcome the rejection 
under 35 U.S.C. § 102(e), and are thus in a condition for allowance. 



Claims 34-36, 47-49, and 60-62 stand rejected under 35 U.S.C. 102(e) 
as being anticipated by Candelore U.S. Patent No. 6,363,149 B1 (hereafter 
Candelore). These rejections are respectfully traversed. 



Independent Claim 34 recites: 

A method of authenticating a client electronic system (client), 
comprising the steps of: 

a) in response to a first request to authenticate, performing a 
primary authentication protocol between said client and a first 
network access point electronic system (first AP) to allow access to a 
network] 

b) if said primary authentication protocol is successful, 
generating a key lease, wherein said key lease includes context 
information and a key lease period for indicating a length of time in 
which said key lease is valid for using a secondary authentication 
protocol instead of said primary authentication protocol] 

c) transmitting said key lease to said client; and 
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d) in response to a second request to authenticate, performing 
said secondary authentication protocol between said client and a 
second network access point electronic system (second AP) using 
said key lease, (emphasis added) 

It is respectfully asserted that Candelore does not disclose the present 
invention as recited in Independent Claim 34. In particular, Independent Claim 
34 recites the limitations, "performing a primary authentication protocol 
between said client and a first network access point electronic system (first AP) 
to allow access to a network 1 (emphasis added), " if said primary authentication 
protocol is successful, generating a key lease" (emphasis added), "wherein 
said key lease includes context information and a key lease period for 
indicating a length of time in which said key lease is valid for using a secondary 
authentication protocol instead of said primary authentication protocor 
(emphasis added), and " performing said secondary authentication protocol 
between said client and a second network access point electronic system 
(second AP) using said key lease" (emphasis added). In contrast, Candelore 
is directed to providing an encryption key to downstream components in a 
home audio-video system. [Candelore; Col. 1, lines 5-11]. Candelore fails to 
disclose performing a primary authentication protocol between the client and a 
first network access point electronic system ( first AP) to allow access to a 
network, as in the invention of Independent Claim 34. In fact, Candelore never 
discusses authentication to verify an identity to allow access to a network. 
Moreover, the future access keys referred to in Candelore are not generated in 
response to a primary authentication protocol. Rather, they are generated in 
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advance by a hash algorithm. [Candelore; Col. 10, lines 5-42]. Furthermore, 
Candelore never discusses using these encryption keys subsequently for a 
secondary authentication. Therefore, it is respectfully submitted that 
Independent Claim 34 is not anticipated by Candelore and is in condition for 
allowance. 

Dependent Claims 35-36 are dependent on allowable Independent 
Claim 34, which is allowable over Candelore. Hence, it is respectfully 
submitted that Dependent Claims 35-36 are patentable over Candelore for the 
reasons discussed above. 



With respect to Independent Claim 47, it is respectfully submitted that 
Independent Claim 47 recites similar limitations as in Independent Claim 34. 
In particular, the Independent Claim 47 recites the limitations, "perform a 
primary authentication protocol with a first network access point electronic 
system (first AP) to allow access to a network' (emphasis added), "receive a 
key lease if said primary authentication protocol is successfuf (emphasis 
added), "said key lease includes context information and a key lease period for 
indicating a length of time in which said key lease is valid for using a secondary 
authentication protocol instead of said primary authentication protocof 
(emphasis added), and "perform said secondary authentication protocol with a 
second network access point electronic system (second AP) using said key 
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/ease" (emphasis added). As discussed above, Candelore fails to disclose the 
cited limitations. Therefore, Independent Claim 47 is not anticipated by 
Candelore and is in condition for allowance based on reasons discussed in 
connection with Independent Claim 34. 

Dependent Claims 48-49 are dependent on allowable Independent 
Claim 47, which is allowable over Candelore. Hence, it is respectfully 
submitted that Dependent Claims 48-49 are patentable over Candelore for the 
reasons discussed above. 



With respect to Independent Claim 60, it is respectfully submitted that 
Independent Claim 60 recites similar limitations as in Independent Claim 34. 
In particular, the Independent Claim 60 recites the limitations, "perform a 
primary authentication protocol with a client electronic system (client) to allow 
access to a network (emphasis added), "generate a key lease if said primary 
authentication protocol is successfur (emphasis added), "said key lease 
includes context information and a key lease period for indicating a length of 
time in which said key lease is valid for using a secondary authentication 
protocol instead of said primary authentication protocol (emphasis added), 
and "perform said secondary authentication protocol with said client using said 
key lease" (emphasis added). As discussed above, Candelore fails to 
disclose the cited limitations. Therefore, Independent Claim 60 is not 
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anticipated by Candelore and is in condition for allowance based on reasons 
discussed in connection with Independent Claim 34. 

Dependent Claims 61-62 are dependent on allowable Independent 
Claim 60, which is allowable over Candelore. Hence, it is respectfully 
submitted that Dependent Claims 61-62 are patentable over Candelore for the 
reasons discussed above. 

35 U.S.C. Section 103(a) Rejections 

Claims 2-6, 13-17, and 24-28 stand rejected under 35 U.S.C. 103(a) as 
being unpatentable over Shambroom, U.S. Patent No. 6,198,824 B1 (hereafter 
Shambroom) as applied to claims 1,12, and 23, and in view of Dole, U.S. 
Patent No. 6,628,786 (hereafter Dole). These rejections are respectfully 
traversed. 

Dependent Claims 2-6, Dependent Claims 13-17, and Dependent 
Claims 24-28 are dependent on allowable Independent Claims 1, 12, and 23 
respectively, which are allowable over Shambroom. Moreover, Dole does not 
disclose the limitations "performing a secondary authentication protocor 
(emphasis added), "a key lease generated by performance of a primary 
authentication protocor (emphasis added), "said key lease includes a key 
lease period for indicating a length of time in which said key lease is valid for 
using said secondary authentication protocol instead of said primary 
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authentication protocor (emphasis added), and "// said secondary 
authentication protocol is successful, generating a session encryption key" 
(emphasis added), as in the inventions of Independent Claims 1, 12, and 23. 
Hence, it is respectfully submitted that Independent Claims 1, 12, and 23 are 
patentable over the combination of Shambroom and Dole for the reasons 
discussed above. Since Dependent Claims 2-6, 13-17, and 24-28 depend 
from Independent Claims 1, 12 and 23 respectively, it is respectfully submitted 
that Dependent Claims 2-6, 13-17, and 24-28 are patentable over the 
combination of Shambroom and Dole for the reasons discussed above. 



Claims 7-11, 18-22, and 29-33 stand rejected under 35 U.S.C. 103(a) as 
being unpatentable over Shambroom, U.S. Patent No. 6,198,824 (hereafter 
Shambroom), in view of Dole, U.S. Patent No. 6,628,786 (hereafter Dole), and 
in view of Kessler et al., U.S. Patent No. 6,789,147 (hereafter Kessler). These 
rejections are respectfully traversed. 

Dependent Claims 7-11, Dependent Claims 18-22, and Dependent 
Claims 29-33 are dependent on allowable Independent Claims 1,12, and 23 
respectively, which are allowable over Shambroom. Moreover, Dole and 
Kessler do not disclose the limitations "performing a secondary authentication 
protocor (emphasis added), "a key lease generated by performance of a 
primary authentication protocor (emphasis added), "said key lease includes a 
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key lease period for indicating a length of time in which said key lease is valid 
for using said secondary authentication protocol instead of said primary 
authentication protocor (emphasis added), and "if said secondary 
authentication protocol is successful, generating a session encryption key" 
(emphasis added), as in the inventions of Independent Claims 1, 12, and 23. 
Hence, it is respectfully submitted that Independent Claims 1,12, and 23 are 
patentable over the combination of Shambroom, Dole, and Kessler for the 
reasons discussed above. Since Dependent Claims 7-11, 18-22, and 29-33 
depend from Independent Claims 1,12 and 23 respectively, it is respectfully 
submitted that Dependent Claims 7-11, 18-22, and 29-33 are patentable over 
the combination of Shambroom, Dole, and Kessler for the reasons discussed 
above. 



Claims 37, 50, and 63 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Candelore, U.S. Patent No. 6,363,149 (hereafter Candelore) 
and in view of Kennelly et al., U.S. Patent No. 6,754,702 (hereafter Kennelly). 
These rejections are respectfully traversed. 

Dependent Claims 37, 50, and 63 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Candelore. Moreover, Kennelly does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network access 
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point electronic system (first AP) to allow access to a network (emphasis 
added), "if said primary authentication protocol is successful, generating a key 
lease" (emphasis added), "wherein said key lease includes context information 
and a key lease period for indicating a length of time in which said key lease is 
valid for using a secondary authentication protocol instead of said primary 
authentication protocof (emphasis added), and "performing said secondary 
authentication protocol between said client and a second network access point 
electronic system (second AP) using said key lease" (emphasis added), as in 
the inventions of Independent Claims 34, 47, and 60. Hence, it is respectfully 
submitted that Independent Claims 34, 47, and 60 are patentable over the 
combination of Candelore and Kennelly for the reasons discussed above. 
Since Dependent Claims 37, 50, and 63 depend from Independent Claims 34, 
47, and 60 respectively, it is respectfully submitted that Dependent Claims 37, 
50, and 63 are patentable over the combination of Candelore and Kennelly for 
the reasons discussed above. 

Claims 38-43, 51-56, and 64-69 stand rejected under 35 U.S.C. 103(a) 
as being unpatentable over Candelore et al., U.S. Patent No. 6,363,149 
(hereafter Candelore) and in view of Babu et al., U.S. Patent No. 6,122,639 
(hereafter Babu). These rejections are respectfully traversed. 
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Dependent Claims 38-43, 51-56, and 64-69 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Candelore. Moreover, Babu does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network access 
point electronic system (first AP) to allow access to a network 1 (emphasis 
added), "if said primary authentication protocol is successful, generating a key 
lease" (emphasis added), "wherein said key lease includes context information 
and a key lease period for indicating a length of time in which said key lease is 
valid for using a secondary authentication protocol instead of said primary 
authentication protocor (emphasis added), and "performing said secondary 
authentication protocol between said client and a second network access point 
electronic system (second AP) using said key lease" (emphasis added), as in 
the inventions of Independent Claims 34, 47, and 60. Hence, it is respectfully 
submitted that Independent Claims 34, 47, and 60 are patentable over the 
combination of Candelore and Babu for the reasons discussed above. Since 
Dependent Claims 38-43, 51-56, and 64-69 depend from Independent Claims 
34, 47, and 60 respectively, it is respectfully submitted that Dependent Claims 
38-43, 51-56, and 64-69 are patentable over the combination of Candelore and 
Babu for the reasons discussed above. 



Claims 44, 57, and 70 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Candelore et al., U.S. Patent No. 6,363,149 (hereafter 
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Candelore) and in view of Kung et al., U.S. Patent No. 5,917,91 1 (hereafter 
Kung). These rejections are respectfully traversed. 

Dependent Claims 44, 57, and 70 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Candelore. Moreover, Kung does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network access 
point electronic system (first AP) to allow access to a network' (emphasis 
added), "if said primary authentication protocol is successful, generating a key 
lease" (emphasis added), "wherein said key lease includes context information 
and a key lease period for indicating a length of time in which said key lease is 
valid for using a secondary authentication protocol instead of said primary 
authentication protocol (emphasis added), and "performing said secondary 
authentication protocol between said client and a second network access point 
electronic system (second AP) using said key lease" (emphasis added), as in 
the inventions of Independent Claims 34, 47, and 60. Hence, it is respectfully 
submitted that Independent Claims 34, 47, and 60 are patentable over the 
combination of Candelore and Kung for the reasons discussed above. Since 
Dependent Claims 44, 57, and 70 depend from Independent Claims 34, 47, 
and 60 respectively, it is respectfully submitted that Dependent Claims 44, 57, 
and 70 are patentable over the combination of Candelore and Kung for the 
reasons discussed above. 
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Claims 45, 58, and 71 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Candelore et al., U.S. Patent No. 6,363,149 (hereafter 
Dabbish) and in view of Burns et al., U.S. Patent No. 6,792,424 (hereafter 
Burns). These rejections are respectfully traversed. 

Dependent Claims 45, 58, and 71 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Candelore. Moreover, Burns does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network access 
point electronic system (first AP) to allow access to a network" (emphasis 
added), "if said primary authentication protocol is successful, generating a key 
lease" (emphasis added), "wherein said key lease includes context information 
and a key lease period for indicating a length of time in which said key lease is 
valid for using a secondary authentication protocol instead of said primary 
authentication protocor (emphasis added), and "performing said secondary 
authentication protocol between said client and a second network access point 
electronic system (second AP) using said key lease" (emphasis added), as in 
the inventions of Independent Claims 34, 47, and 60. Hence, it is respectfully 
submitted that Independent Claims 34, 47, and 60 are patentable over the 
combination of Candelore and Burns for the reasons discussed above. Since 
Dependent Claims 45, 58, and 71 depend from Independent Claims 34, 47, 
and 60 respectively, it is respectfully submitted that Dependent Claims 45, 58, 
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and 71 are patentable over the combination of Candelore and Burns for the 
reasons discussed above. 



Claims 46, 59, and 72 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Candelore et al., U.S. Patent No. 6,363,149 (hereafter 
Candelore) and in view of Burns et al., U.S. Patent No. 6,792,424 (hereafter 
Burns). These rejections are respectfully traversed. 

Dependent Claims 46, 59, and 72 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Candelore. Moreover, Burns does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network access 
point electronic system (first AP) to allow access to a network?* (emphasis 
added), "if said primary authentication protocol is successful, generating a key 
lease" (emphasis added), "wherein said key lease includes context information 
and a key lease period for indicating a length of time in which said key lease is 
valid for using a secondary authentication protocol instead of said primary 
authentication protocor (emphasis added), and "performing said secondary 
authentication protocol between said client and a second network access point 
electronic system (second AP) using said key lease" (emphasis added), as in 
the inventions of Independent Claims 34, 47, and 60. Hence, it is respectfully 
submitted that Independent Claims 34, 47, and 60 are patentable over the 
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combination of Candelore and Burns for the reasons discussed above. Since 
Dependent Claims 46, 59, and 72 depend from Independent Claims 34, 47, 
and 60 respectively, it is respectfully submitted that Dependent Claims 46, 59, 
and 72 are patentable over the combination of Candelore and Burns for the 
reasons discussed above. 
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CONCLUSION 



It is respectfully submitted that the above claims, arguments, and 
remarks overcome all rejections. Claims 1-33 are enabled by the specification, 
and all remaining claims (Claims 1-72) are neither anticipated nor obvious in 
view of the cited references. For at least the above-presented reasons, it is 
respectfully submitted that all remaining claims (Claims 1-72) are in condition 
for allowance. 

The Examiner is urged to contact Applicants' undersigned representative 
if the Examiner believes such action would expedite resolution of the present 
Application. 

Please charge any additional fees or apply any credits to our PTO 
deposit account number: 23-0085. 

Respectfully submitted, 
Wagner, Murabito & Hao, LLP 



Dated: Uh 0^ 





/ 



John P. Wagner 
Registration No. 35,398 
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